[Dovecot] Enforcing server cipher list order

Phillip Odam phillip.odam at nitorgroup.com
Thu Aug 29 02:51:48 EEST 2013


I noticed a similar/same discussion back on Aug 14th titled force 
ciphers order for clients. However from that thread I can't find quite 
what I'm after.

 From my testing of dovecot 2.1.6, by default it appears to honor the 
clients cipher list order for SSL/TLS connections.

I can't find any documentation on dovecot providing a setting like 
Apache HTTPDs to either honor the client or server cipher list i.e. 
SSLHonorCipherOrder.

Do newer versions (> 2.1.6) of dovecot either make this configurable or 
force honoring of the servers cipher list order? Or is the cipher 
selection a function that openssl performs? The version of openssl in 
use is 1.0.1e-fips.

Thanks
Phillip


More information about the dovecot mailing list